Performing identity mapping for authorization across servers in different realms

Performing identity mapping for authorization across servers in different realms

Identity mapping is a one-to-one mapping of a user identity between two servers so that the proper authorization decisions are made by downstream servers. Identity mapping is necessary when the integration of servers is needed, but the user registries are different and not shared between the systems.

About this task
The following topics are covered in this section:

Procedure

Configuring inbound identity mapping For inbound identity mapping, we can write a custom login module and configure WebSphere Application Server to run the login module first within the system login configurations. Consider the following steps when you write your custom login module: Configuring inbound identity mapping .
Configuring outbound identity mapping to a different target realm By default, when WAS makes an outbound request from one server to another server in a different security realm, the request is rejected. This topic details alternatives for enabling one server to send outbound requests to a target server in a different realm. For more information, see Configuring outbound mapping to a different target realm

See also

Configuring inbound identity mapping
Configuring outbound mapping to a different target realm
Related tasks
Configuring RMI over IIOP